/*
 * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
 * ORACLE PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 */

package java.security.cert;

import java.math.BigInteger;
import java.util.Date;
import javax.security.auth.x500.X500Principal;

import sun.security.x509.X509CRLEntryImpl;

/**
 * <p>Abstract class for a revoked certificate in a CRL (Certificate
 * Revocation List).
 *
 * The ASN.1 definition for <em>revokedCertificates</em> is:
 * <pre>
 * revokedCertificates    SEQUENCE OF SEQUENCE  {
 *     userCertificate    CertificateSerialNumber,
 *     revocationDate     ChoiceOfTime,
 *     crlEntryExtensions Extensions OPTIONAL
 *                        -- if present, must be v2
 * }  OPTIONAL
 *
 * CertificateSerialNumber  ::=  INTEGER
 *
 * Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
 *
 * Extension  ::=  SEQUENCE  {
 *     extnId        OBJECT IDENTIFIER,
 *     critical      BOOLEAN DEFAULT FALSE,
 *     extnValue     OCTET STRING
 *                   -- contains a DER encoding of a value
 *                   -- of the type registered for use with
 *                   -- the extnId object identifier value
 * }
 * </pre>
 *
 * @author Hemma Prafullchandra
 * @see X509CRL
 * @see X509Extension
 */

public abstract class X509CRLEntry implements X509Extension {

  /**
   * Compares this CRL entry for equality with the given
   * object. If the {@code other} object is an
   * {@code instanceof} {@code X509CRLEntry}, then
   * its encoded form (the inner SEQUENCE) is retrieved and compared
   * with the encoded form of this CRL entry.
   *
   * @param other the object to test for equality with this CRL entry.
   * @return true iff the encoded forms of the two CRL entries match, false otherwise.
   */
  public boolean equals(Object other) {
    if (this == other) {
      return true;
    }
    if (!(other instanceof X509CRLEntry)) {
      return false;
    }
    try {
      byte[] thisCRLEntry = this.getEncoded();
      byte[] otherCRLEntry = ((X509CRLEntry) other).getEncoded();

      if (thisCRLEntry.length != otherCRLEntry.length) {
        return false;
      }
      for (int i = 0; i < thisCRLEntry.length; i++) {
        if (thisCRLEntry[i] != otherCRLEntry[i]) {
          return false;
        }
      }
    } catch (CRLException ce) {
      return false;
    }
    return true;
  }

  /**
   * Returns a hashcode value for this CRL entry from its
   * encoded form.
   *
   * @return the hashcode value.
   */
  public int hashCode() {
    int retval = 0;
    try {
      byte[] entryData = this.getEncoded();
      for (int i = 1; i < entryData.length; i++) {
        retval += entryData[i] * i;
      }

    } catch (CRLException ce) {
      return (retval);
    }
    return (retval);
  }

  /**
   * Returns the ASN.1 DER-encoded form of this CRL Entry,
   * that is the inner SEQUENCE.
   *
   * @return the encoded form of this certificate
   * @throws CRLException if an encoding error occurs.
   */
  public abstract byte[] getEncoded() throws CRLException;

  /**
   * Gets the serial number from this X509CRLEntry,
   * the <em>userCertificate</em>.
   *
   * @return the serial number.
   */
  public abstract BigInteger getSerialNumber();

  /**
   * Get the issuer of the X509Certificate described by this entry. If
   * the certificate issuer is also the CRL issuer, this method returns
   * null.
   *
   * <p>This method is used with indirect CRLs. The default implementation
   * always returns null. Subclasses that wish to support indirect CRLs
   * should override it.
   *
   * @return the issuer of the X509Certificate described by this entry or null if it is issued by
   * the CRL issuer.
   * @since 1.5
   */
  public X500Principal getCertificateIssuer() {
    return null;
  }

  /**
   * Gets the revocation date from this X509CRLEntry,
   * the <em>revocationDate</em>.
   *
   * @return the revocation date.
   */
  public abstract Date getRevocationDate();

  /**
   * Returns true if this CRL entry has extensions.
   *
   * @return true if this entry has extensions, false otherwise.
   */
  public abstract boolean hasExtensions();

  /**
   * Returns a string representation of this CRL entry.
   *
   * @return a string representation of this CRL entry.
   */
  public abstract String toString();

  /**
   * Returns the reason the certificate has been revoked, as specified
   * in the Reason Code extension of this CRL entry.
   *
   * @return the reason the certificate has been revoked, or {@code null} if this CRL entry does not
   * have a Reason Code extension
   * @since 1.7
   */
  public CRLReason getRevocationReason() {
    if (!hasExtensions()) {
      return null;
    }
    return X509CRLEntryImpl.getRevocationReason(this);
  }
}
